Return-Path: X-Original-To: apmail-ambari-commits-archive@www.apache.org Delivered-To: apmail-ambari-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id BC4E217BBB for ; Mon, 29 Sep 2014 12:14:13 +0000 (UTC) Received: (qmail 49122 invoked by uid 500); 29 Sep 2014 12:14:13 -0000 Delivered-To: apmail-ambari-commits-archive@ambari.apache.org Received: (qmail 49067 invoked by uid 500); 29 Sep 2014 12:14:13 -0000 Mailing-List: contact commits-help@ambari.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: ambari-dev@ambari.apache.org Delivered-To: mailing list commits@ambari.apache.org Received: (qmail 49054 invoked by uid 99); 29 Sep 2014 12:14:13 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 29 Sep 2014 12:14:13 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 59AB59BBD2A; Mon, 29 Sep 2014 12:14:13 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: jonathanhurley@apache.org To: commits@ambari.apache.org Date: Mon, 29 Sep 2014 12:14:13 -0000 Message-Id: X-Mailer: ASF-Git Admin Mailer Subject: [01/16] git commit: AMBARI-7344. CSRF Prevention is broken for the /proxy endpoint. (mpapirkovskyy) Repository: ambari Updated Branches: refs/heads/branch-alerts-dev 10f1f73b8 -> f923fd880 AMBARI-7344. CSRF Prevention is broken for the /proxy endpoint. (mpapirkovskyy) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/94bda467 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/94bda467 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/94bda467 Branch: refs/heads/branch-alerts-dev Commit: 94bda467597a55e75bda1e1469ec969dc7d5e5dc Parents: 20f112a Author: Myroslav Papirkovskyy Authored: Wed Sep 17 21:19:12 2014 +0300 Committer: Myroslav Papirkovskyy Committed: Fri Sep 26 19:34:55 2014 +0300 ---------------------------------------------------------------------- .../java/org/apache/ambari/server/controller/AmbariServer.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/94bda467/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java index e109f7e..a8cf891 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java @@ -380,7 +380,7 @@ public class AmbariServer { sh.setInitParameter("com.sun.jersey.spi.container.ContainerRequestFilters", "org.apache.ambari.server.api.AmbariCsrfProtectionFilter"); proxy.setInitParameter("com.sun.jersey.spi.container.ContainerRequestFilters", - "com.sun.jersey.api.container.filter.AmbariCsrfProtectionFilter"); + "org.apache.ambari.server.api.AmbariCsrfProtectionFilter"); } //Set jetty thread pool